Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Iv7BlAWHwtTSqrwYCjO4TncHl3g.roa
File: Iv7BlAWHwtTSqrwYCjO4TncHl3g.roa (raw, json)
Hash identifier: CtjWIg8cj/EIEDm2PlXQNrOLp13HQV6ozFwkNUy1YL0=
Subject key identifier: 22:FE:C1:94:05:87:C2:D4:D2:AA:BC:18:0A:33:B8:4E:77:07:97:78
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018959D09E97619AFA63FECDCCFA3A48EE48
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Iv7BlAWHwtTSqrwYCjO4TncHl3g.roa
Signing time: Sat 15 Jul 2023 13:49:51 +0000
ROA not before: Sat 15 Jul 2023 13:49:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46562
IP address blocks: 104.232.36.0/24 maxlen: 24
45.67.141.0/24 maxlen: 24
2a07:c6c0:36::/48 maxlen: 48
2a07:c6c0:37::/48 maxlen: 48
2a0c:3ac0::/48 maxlen: 48
2a07:c6c0:35::/48 maxlen: 48
2a07:c6c0:38::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:59:d0:9e:97:61:9a:fa:63:fe:cd:cc:fa:3a:48:ee:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 15 13:49:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22fec1940587c2d4d2aabc180a33b84e77079778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b9:af:f1:6c:c0:bf:11:05:33:d9:f9:6f:48:
5d:8b:d8:fa:ac:5d:fb:e5:23:3a:49:c6:7f:f4:e9:
67:b4:52:0d:76:38:37:3e:65:83:7e:e1:27:37:fa:
f4:81:2e:2b:3a:52:e2:08:69:70:07:8c:3b:e6:b5:
81:93:c0:66:cb:67:94:b3:62:5f:fa:bd:e3:db:8a:
c9:03:c3:ea:fe:53:3e:d4:5d:dd:32:aa:c9:b3:a5:
77:88:85:1a:39:29:58:9d:7f:9b:22:a3:02:de:c9:
98:2a:4c:4e:c6:17:50:5c:d7:36:11:b3:83:57:2f:
f0:40:60:fc:36:f4:7d:7a:10:15:07:0a:77:1f:90:
1e:fd:1c:16:11:d4:b7:e0:61:f7:84:a6:07:a5:47:
6e:e9:eb:3d:95:a5:ab:0c:95:db:7f:00:9c:c7:e1:
6b:32:a2:36:bf:97:13:72:0e:23:4a:96:5f:01:13:
b1:36:63:37:e9:97:8d:6c:8d:9f:15:fb:51:6d:dc:
a9:fb:32:d4:6b:11:9f:66:95:8e:9d:c9:3f:49:bc:
99:bb:28:4d:49:aa:ea:07:39:46:19:35:29:5a:97:
21:b9:2f:c7:65:4d:18:ef:30:f0:38:dc:9b:e9:11:
5d:3f:1c:7d:0f:85:b0:61:4d:c8:06:f7:62:65:10:
e5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:FE:C1:94:05:87:C2:D4:D2:AA:BC:18:0A:33:B8:4E:77:07:97:78
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Iv7BlAWHwtTSqrwYCjO4TncHl3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.141.0/24
104.232.36.0/24
IPv6:
2a07:c6c0:35::-2a07:c6c0:38:ffff:ffff:ffff:ffff:ffff
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
70:0e:6c:a8:78:1d:8d:4d:b3:69:30:4c:c1:e4:e1:d0:aa:16:
3a:ca:48:65:1a:bd:d1:01:b7:e4:01:35:4f:4f:16:b2:bd:10:
6d:b9:85:8f:65:15:3f:98:d2:9f:95:a9:46:46:df:95:ce:97:
ef:84:fe:2a:fa:8d:82:38:f2:fa:99:96:ae:33:89:c3:ad:b8:
d6:e4:75:7e:c0:e0:62:bb:e4:5d:62:8d:4f:9c:28:bd:f9:91:
68:e6:22:97:2b:00:df:ce:fe:96:53:3f:21:b9:a1:44:55:bc:
84:11:97:0e:d5:be:bd:06:db:0e:86:a6:6b:cf:42:68:4b:6d:
5c:08:ce:c2:db:28:14:48:22:14:60:0c:5c:23:ac:4e:a4:63:
1b:9d:e3:3e:0b:b2:db:e6:fe:be:b8:a9:4f:47:7c:a3:5b:17:
3d:09:82:48:b9:95:0a:55:de:13:1f:3c:22:e9:8c:8b:53:63:
44:79:ef:a5:57:08:47:cc:f5:a0:e6:80:5c:d8:29:75:ea:11:
df:d5:30:05:44:8e:59:c0:51:ce:1d:20:fd:03:33:79:94:f4:
4f:57:b6:a0:87:c1:c1:98:9a:37:e6:23:65:71:09:cf:f5:03:
b2:85:1d:7b:c7:67:aa:b4:5b:29:b0:37:6b:07:9c:d3:33:c0:
8e:c5:a7:d0
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYlZ0J6XYZr6Y/7NzPo6SO5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwNzE1MTM0OTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmZlYzE5NDA1ODdjMmQ0ZDJhYWJjMTgwYTMzYjg0ZTc3MDc5Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7mv8WzAvxEFM9n5b0hdi9j6rF37
5SM6ScZ/9OlntFINdjg3PmWDfuEnN/r0gS4rOlLiCGlwB4w75rWBk8Bmy2eUs2Jf
+r3j24rJA8Pq/lM+1F3dMqrJs6V3iIUaOSlYnX+bIqMC3smYKkxOxhdQXNc2EbOD
Vy/wQGD8NvR9ehAVBwp3H5Ae/RwWEdS34GH3hKYHpUdu6es9laWrDJXbfwCcx+Fr
MqI2v5cTcg4jSpZfAROxNmM36ZeNbI2fFftRbdyp+zLUaxGfZpWOnck/SbyZuyhN
SarqBzlGGTUpWpchuS/HZU0Y7zDwONyb6RFdPxx9D4WwYU3IBvdiZRDlnQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFCL+wZQFh8LU0qq8GAozuE53B5d4MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSXY3QmxBV0h3dFRTcXJ3WUNqTzRUbmNIbDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQALUONAwQA
aOgkMCMEAgACMB0wEgMHACoHxsAANQMHACoHxsAAOAMHACoMOsAAADANBgkqhkiG
9w0BAQsFAAOCAQEAcA5sqHgdjU2zaTBMweTh0KoWOspIZRq90QG35AE1T08Wsr0Q
bbmFj2UVP5jSn5WpRkbflc6X74T+KvqNgjjy+pmWrjOJw6241uR1fsDgYrvkXWKN
T5wovfmRaOYilysA387+llM/IbmhRFW8hBGXDtW+vQbbDoama89CaEttXAjOwtso
FEgiFGAMXCOsTqRjG53jPguy2+b+vripT0d8o1sXPQmCSLmVClXeEx88IumMi1Nj
RHnvpVcIR8z1oOaAXNgpdeoR39UwBUSOWcBRzh0g/QMzeZT0T1e2oIfBwZiaN+Yj
ZXEJz/UDsoUde8dnqrRbKbA3awec0zPAjsWn0A==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:40 2024 by rpki-client on console-fra.rpki-client.org